Russia-backed hacker breaches Microsoft exec emails again
Midnight Blizzard’s November attack was detected only on 12 January.
Hackers suspected to be supported by Russia’s Foreign Intelligence Service has again accessed email account of Microsoft executives that activated the company’s cybersecurity defense, Agence France-Presse reported.
Microsoft identified the cyber attacker as a group referred to as “Midnight Blizzard,” which it said “primarily target governments, diplomatic entities, non-government organizations, and IT service providers primarily in the United States and Europe.”
Microsoft’s security team detected the latest attack on 12 January.
The attack began in November of last year, with the hackers trying a password on an array of accounts and getting it right on an old test account, according to Microsoft.
The hackers then used that “foothold” to access some Microsoft corporate email accounts including those of senior leaders and security team members, taking emails and attached documents.
“The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself,” Microsoft said.
There was no evidence the hackers accessed customer accounts, production systems, source code, or artificial intelligence software at Microsoft, according to the company.
“Given the reality of threat actors that are resourced and funded by nation states, we are shifting the balance we need to strike between security and business risk,” Microsoft said.
“We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes.”